Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a3a2f33322d3332203d3e20323033303639.roa
File:                     326130353a646663353a3a2f33322d3332203d3e20323033303639.roa (raw, json)
Hash identifier:          /Vlp5C4fyONd1XxqqLm7O/fhPze6bmtfFpxYNr0r7I4=
Subject key identifier:   A8:FE:0B:02:7D:22:F4:EE:91:31:1A:82:6B:78:95:01:86:D1:FB:27
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       78D877022C55E853F0B37AA12FC4A18E447E1A85
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a3a2f33322d3332203d3e20323033303639.roa
Signing time:             Thu 12 Jan 2023 17:09:37 +0000
ROA not before:           Thu 12 Jan 2023 17:04:37 +0000
ROA not after:            Thu 11 Jan 2024 17:09:37 +0000
asID:                     203069
IP address blocks:        2a05:dfc5::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:d8:77:02:2c:55:e8:53:f0:b3:7a:a1:2f:c4:a1:8e:44:7e:1a:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Jan 12 17:04:37 2023 GMT
            Not After : Jan 11 17:09:37 2024 GMT
        Subject: CN=A8FE0B027D22F4EE91311A826B78950186D1FB27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b6:fe:1c:e6:9a:9f:1e:27:f6:50:ae:f6:10:
                    0f:99:ca:fc:ba:6e:6f:bd:43:76:a2:53:7d:75:35:
                    40:66:2a:02:25:ba:de:6f:d1:1c:72:e8:5e:79:b7:
                    7d:df:19:bf:3b:33:7e:2a:ae:0b:03:a4:8c:44:07:
                    fa:f7:c8:81:fc:15:fc:0d:09:16:1f:79:ee:7b:e0:
                    34:76:34:6b:5f:76:84:df:31:e5:b3:b7:55:7d:6d:
                    4a:59:6b:fa:78:37:b1:a6:79:b7:d9:c9:d7:3f:19:
                    62:d6:df:58:44:96:0a:5c:cd:3a:30:45:f2:97:98:
                    ee:7a:e1:3b:95:d9:40:b2:f8:1e:46:fa:49:f1:10:
                    ab:fd:57:4c:7e:1b:c9:89:57:eb:c6:73:4f:35:5e:
                    4e:ac:5c:45:5c:f0:ef:cc:92:b1:28:4c:71:8d:99:
                    af:a8:40:6b:1e:67:a1:a1:6c:cc:80:aa:90:52:2c:
                    f2:84:bb:59:b7:00:b3:fa:72:d4:7d:41:3b:17:4e:
                    d6:8b:54:22:7c:fb:dd:ce:d7:89:79:e6:07:4d:1a:
                    30:98:b9:6c:47:20:e4:48:7c:0e:52:57:5a:ae:c5:
                    49:ac:bf:e9:fd:19:46:07:5a:57:25:1a:c0:d2:10:
                    62:7d:55:76:a7:8b:6a:17:25:d2:c6:d6:85:54:e1:
                    e5:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:FE:0B:02:7D:22:F4:EE:91:31:1A:82:6B:78:95:01:86:D1:FB:27
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a3a2f33322d3332203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5::/32

    Signature Algorithm: sha256WithRSAEncryption
         45:18:ed:d4:88:24:8c:e1:52:f6:86:9d:82:bb:ef:29:41:2a:
         c2:a5:d2:f8:79:d3:f1:3f:7a:8d:86:9b:2c:41:2c:e0:c9:b2:
         c9:30:6b:8b:04:71:df:ab:7b:87:6d:27:ab:2e:e8:55:1f:26:
         c6:76:c1:b2:89:25:11:57:b2:07:3a:d5:c8:9c:99:f1:2d:98:
         0e:ab:94:7b:5c:51:0d:3d:eb:99:c5:fd:6a:51:a5:26:12:5e:
         4b:1f:2c:de:61:02:44:b6:b0:0a:eb:cc:7e:3c:21:a3:e1:3d:
         8b:ff:8c:8c:83:80:c7:84:df:b9:b0:f5:bc:05:e0:6b:95:4a:
         3c:35:2d:ba:cd:6f:02:11:a1:81:70:6f:fd:c9:a3:22:ad:1c:
         42:2d:d9:61:db:3b:07:d1:6f:88:a3:3a:5d:19:85:19:b7:13:
         b7:7b:e0:4e:47:7f:4d:1c:28:63:ab:78:66:51:ff:94:f4:b8:
         07:f1:f5:58:56:10:05:41:dd:8b:c8:1f:58:68:cd:a2:bd:73:
         63:71:44:9d:63:87:0b:b2:59:9e:c8:79:84:b6:f4:d3:4f:f9:
         17:4a:57:fc:d4:67:12:f6:03:00:f6:57:2a:7e:47:7e:5c:20:
         a8:12:e7:e8:18:7e:47:f5:60:e3:1a:a5:73:b7:1c:3b:21:4b:
         98:0e:96:8a
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIUeNh3AixV6FPws3qhL8ShjkR+GoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMTIxNzA0MzdaFw0yNDAxMTExNzA5MzdaMDMxMTAvBgNV
BAMTKEE4RkUwQjAyN0QyMkY0RUU5MTMxMUE4MjZCNzg5NTAxODZEMUZCMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3tv4c5pqfHif2UK72EA+Zyvy6
bm+9Q3aiU311NUBmKgIlut5v0Rxy6F55t33fGb87M34qrgsDpIxEB/r3yIH8FfwN
CRYfee574DR2NGtfdoTfMeWzt1V9bUpZa/p4N7GmebfZydc/GWLW31hElgpczTow
RfKXmO564TuV2UCy+B5G+knxEKv9V0x+G8mJV+vGc081Xk6sXEVc8O/MkrEoTHGN
ma+oQGseZ6GhbMyAqpBSLPKEu1m3ALP6ctR9QTsXTtaLVCJ8+93O14l55gdNGjCY
uWxHIORIfA5SV1quxUmsv+n9GUYHWlclGsDSEGJ9VXani2oXJdLG1oVU4eWhAgMB
AAGjggJuMIICajAdBgNVHQ4EFgQUqP4LAn0i9O6RMRqCa3iVAYbR+ycwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KgXfxTANBgkqhkiG9w0BAQsFAAOCAQEARRjt1IgkjOFS9oadgrvvKUEqwqXS+HnT
8T96jYabLEEs4MmyyTBriwRx36t7h20nqy7oVR8mxnbBsoklEVeyBzrVyJyZ8S2Y
DquUe1xRDT3rmcX9alGlJhJeSx8s3mECRLawCuvMfjwho+E9i/+MjIOAx4TfubD1
vAXga5VKPDUtus1vAhGhgXBv/cmjIq0cQi3ZYds7B9FviKM6XRmFGbcTt3vgTkd/
TRwoY6t4ZlH/lPS4B/H1WFYQBUHdi8gfWGjNor1zY3FEnWOHC7JZnsh5hLb000/5
F0pX/NRnEvYDAPZXKn5HflwgqBLn6Bh+R/Vg4xqlc7ccOyFLmA6Wig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org